Knowledge Commons of Institute of Automation,CAS
ASCL: Adversarial supervised contrastive learning for defense against word substitution attacks
Shi, Jiahui 1,2
Journal | NEUROCOMPUTING |
ISSN | 0925-2312 |
2022-10-21 | |
Volume | 510, Pages: 59-68 |
Abstract | Attacks with adversarial examples can tremendously worsen the performance of deep neural networks (DNNs). Hence, defending against such adversarial attacks is crucial for nearly all DNN-based applications. Adversarial training is an effective and extensively adopted approach for increasing the robustness of DNNs in which benign examples and their adversarial counterparts are considered together in the training stage. However, this may result in a decrease in accuracy on benign examples because it does not account for the inter-class distance of benign examples. To overcome the aforementioned dilemma, we devise a novel defense approach named adversarial supervised contrastive learning (ASCL), which combines adversarial training with supervised contrastive learning to enhance the robustness of DNN-based models while maintaining their clean accuracy. We validate the effectiveness of the proposed ASCL approach in the scenario of defending against word substitution attacks by means of extensive experiments on benchmark tasks and datasets. The experimental results show that ASCL reduces the attack success rate to 20% while maintaining the accuracy for clean inputs within a 2% margin. (c) 2022 Elsevier B.V. All rights reserved. |
Keywords | Adversarial example; Adversarial training; Model robustness; Contrastive learning; Natural language processing |
DOI | 10.1016/j.neucom.2022.09.032 |
Indexed By | SCI |
Language | English |
Funding Project | National Key Research and Development Program of China[662020AAA0103405] ; National Natural Science Foundation of China[71621002] ; National Natural Science Foundation of China[62206282] ; Strategic Priority Research Program of Chinese Academy of Sciences[XDA27030100] |
Funding Organization | National Key Research and Development Program of China ; National Natural Science Foundation of China ; Strategic Priority Research Program of Chinese Academy of Sciences |
WOS Research Area | Computer Science |
WOS Subject | Computer Science, Artificial Intelligence |
WOS ID | WOS:000862258000006 |
Publisher | ELSEVIER |
Sub-direction classification (seven major directions) | Natural language processing |
State Key Laboratory planned direction classification | Speech and language processing |
Is there a paper-associated dataset that needs to be deposited | No |
Document Type | Journal article |
Identifier | http://ir.ia.ac.cn/handle/173211/50434 |
Collection | State Key Laboratory of Multimodal Artificial Intelligence Systems_Internet Big Data and Information Security |
Corresponding Author | Li, Linjing |
Affiliation | 1. Chinese Acad Sci, Inst Automat, State Key Lab Management & Control Complex Syst, Beijing 100190, Peoples R China; 2. Univ Chinese Acad Sci, Sch Artificial Intelligence, Beijing 101408, Peoples R China; 3. Tianjin Zhongke Intelligent Recognit Co Ltd, Tianjin 300450, Peoples R China; 4. Chinese Acad Sci, Inst Automat, Beijing, Peoples R China |
First Author Affiliation | Institute of Automation, Chinese Academy of Sciences |
Corresponding Author Affiliation | Institute of Automation, Chinese Academy of Sciences |
Recommended Citation GB/T 7714 | Shi, Jiahui,Li, Linjing,Zeng, Daniel. ASCL: Adversarial supervised contrastive learning for defense against word substitution attacks[J]. NEUROCOMPUTING,2022,510:59-68. |
APA | Shi, Jiahui,Li, Linjing,&Zeng, Daniel.(2022).ASCL: Adversarial supervised contrastive learning for defense against word substitution attacks.NEUROCOMPUTING,510,59-68. |
MLA | Shi, Jiahui,et al."ASCL: Adversarial supervised contrastive learning for defense against word substitution attacks".NEUROCOMPUTING 510(2022):59-68. |
Files in This Item |
File Name/Size | Document Type | Version Type | Access Type | License |
ASCL Adversarial sup(1054KB) | Journal article | Author's accepted manuscript | Open access | CC BY-NC-SA |